Securing BlazeDS (https)

I wanted to set up a flex/BlazeDS app to ONLY use https and not http at all!

Key lies in setting up the channels in two places:

1) In services-config.xml, comment out the normal my-amf channel and leave the my-secure-amf only


<channel-definition id=”my-amf”>
<endpoint url=”http://{}:{server.port}/{context.root}/messagebroker/amf”/>
<channel-definition id=”my-secure-amf”>
<endpoint url=”https://{}:{server.port}/{context.root}/messagebroker/amfsecure”/>

2) Secondly comment out the same details in the remoting-config.xml file

<channel ref=”my-secure-amf”/>
<!–          <channel ref=”my-amf”/> –>

That’s it. Deploy and check. the first screen on http may appear, but nothing thereafter will work unless you use https://


  1. Awesome blog!

    I thought about starting my own blog too but I’m just too lazy so, I guess Ill just have to keep checking yours out.

  2. its not working only work on http://localhost:8400/xyz.html

  3. what needs to be done on the flex side? for some reason i cant seem to get it to work when i am using the secure channel.

Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s